package shiro_03_authorization;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;
import org.junit.Test;

//各种配置方式
public class SettingDriver {
	
	
	/**
	 * 1.单资源单权限
	 */
	@Test
	public void oneSrcOnePerssion(){
		login("classpath:shiro_permission_ant.ini","user","123");
		subject().checkPermissions("system:user:update");
	}
	/**
	 * 2.1.单资源多权限
	 */
	@Test
	public void oneSrcNPerssion(){
		login("classpath:shiro_permission_ant.ini","user21","123");
		subject().checkPermissions("system:user:create","system:user:delete");
	}
	/**
	 * 2.2.单资源多权限简写
	 */
	@Test
	public void oneSrcNPerssion2(){
		login("classpath:shiro_permission_ant.ini","user22","123");
		subject().checkPermissions("system:user:create");
		subject().checkPermissions("system:user:delete");
		subject().checkPermissions("system:user:create,delete");
	}
	
	/**
	 * 3.1.单资源所有权限
	 */
	@Test
	public void oneSrcAllPerssion(){
		login("classpath:shiro_permission_ant.ini","user31","123");
		subject().checkPermissions("system:user:create");
		subject().checkPermissions("system:user:delete");
		subject().checkPermissions("system:user:update");
		subject().checkPermissions("system:user:view");
		subject().checkPermissions("system:user:create,update,delete,view");
	}
	/**
	 * 3.2单资源全部权限简写
	 */
	@Test
	public void oneSrcAllPerssion2(){
		login("classpath:shiro_permission_ant.ini","user32","123");
		subject().checkPermissions("system:user:create");
		subject().checkPermissions("system:user:delete");
		subject().checkPermissions("system:user:update");
		subject().checkPermissions("system:user:view");
		subject().checkPermissions("system:user:view,system:user:create");
		subject().checkPermissions("system:user:*");
	}
	/**
	 * 所有资源所有权限
	 */
	@Test
	public void allSrcAllPerssion(){
		login("classpath:shiro_permission_ant.ini","user41","123");
		subject().checkPermissions("system:user:create");
		subject().checkPermissions("system:user:delete");
		subject().checkPermissions("system:user:update");
		subject().checkPermissions("aaa:view");
		subject().checkPermissions("system:user:view,system:user:create");
		subject().checkPermissions("system:user:*");
	}
	
	/**
	 * 认证 
	 * @param ini 配置文件
	 * @param username 用户名
	 * @param pwd 密码
	 */
	private void login(String ini,String username,String pwd){
		//1.获取SecurityManager工厂，使用ini文件初始化
		Factory<SecurityManager> factory = new IniSecurityManagerFactory(ini);
		
		//2.获取SecurityManager,并設置給SecurityUtils
		SecurityManager securityManager = factory.getInstance();
		SecurityUtils.setSecurityManager(securityManager);
		
		//3.获取Subject
		Subject subject = subject();
		
		//4.创建用户名/密码认证Token
		UsernamePasswordToken token = new UsernamePasswordToken(username, pwd);
	
		try {
			// 5.登录，即身份验证
			subject.login(token);
		} catch (UnknownAccountException e) {
			System.out.println("账号不存在!");
			e.printStackTrace();
		} catch (IncorrectCredentialsException e) {
			System.out.println("密码不正确!");
			e.printStackTrace();
		} catch (AuthenticationException e) {
			System.out.println("身份认证失败!");
			e.printStackTrace();
		}
		
	}
	
	/**
	 * 获取认证主体
	 * @return
	 */
	private Subject subject(){
		return SecurityUtils.getSubject();
	}
}
